├── 1. aws_tf_vpc_basics
    ├── datasources.tf
    ├── main.tf
    ├── outputs.tf
    ├── providers.tf
    └── userdata.tpl
├── 2. aws_tf_rds_secrets_manager
    ├── kms_key.tf
    ├── main.tf
    ├── rds.tf
    ├── secrets_manager.tf
    └── variables.tf
├── 3. aws_tf_ec2_ebs_userdata
    ├── cloudinit.tf
    ├── instance.tf
    ├── key.tf
    ├── provider.tf
    ├── scripts
    │   ├── init.cfg
    │   └── volumes.sh
    ├── securitygroup.tf
    ├── vars.tf
    └── vpc.tf
├── 4. aws_tf_ec2_s3
    ├── iam.tf
    ├── instance.tf
    ├── key.tf
    ├── output.tf
    ├── provider.tf
    ├── s3.tf
    ├── securitygroup.tf
    ├── vars.tf
    ├── versions.tf
    └── vpc.tf
├── 5. aws_tf_ecs_fargate
    ├── Load-Balancer.tf
    ├── Security-Group.tf
    ├── Target-Group.tf
    ├── backend.tf
    ├── ecs-cluster.tf
    ├── ecs-service.tf
    ├── ecs-taskdefiniton.tf
    ├── iam-policy.json
    ├── iam-policy.tf
    ├── iam-role.json
    ├── iam-role.tf
    ├── output.tf
    ├── provider.tf
    └── vpc.tf
├── 6. aws_tf_api_gateway_lambda_integration
    ├── API-GW.tf
    ├── iam-policy.json
    ├── iam-policy.tf
    ├── iam-role.tf
    ├── lambda-function.tf
    ├── output.tf
    ├── provider.tf
    └── variables.tf
├── LICENSE
└── README.md


/1. aws_tf_vpc_basics/datasources.tf:
--------------------------------------------------------------------------------
 1 | data "aws_ami" "example" {
 2 |   most_recent = true
 3 |   owners      = ["099720109477"]
 4 | 
 5 |   filter {
 6 |     name   = "name"
 7 |     values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
 8 |   }
 9 | }
10 | 
11 | resource "aws_instance" "MyEc2Instance" {
12 |   ami                    = data.aws_ami.example.id
13 |   instance_type          = "t2.micro"
14 |   key_name               = aws_key_pair.auth.id
15 |   vpc_security_group_ids = ["${aws_security_group.allow_sgs.id}"]
16 |   subnet_id              = aws_subnet.main.id
17 |   user_data              = file("${path.module}/userdata.tpl")
18 | 
19 |   root_block_device { 
20 |     volume_size = 10
21 |   }
22 | 
23 |   tags = {
24 |     Name = "dev-node"
25 |   }
26 | }


--------------------------------------------------------------------------------
/1. aws_tf_vpc_basics/main.tf:
--------------------------------------------------------------------------------
 1 | 
 2 | resource "aws_vpc" "main" {
 3 |   cidr_block           = "10.0.0.0/16"
 4 |   enable_dns_hostnames = true
 5 |   enable_dns_support   = true
 6 | 
 7 |   tags = {
 8 |     Name = "dev"
 9 |   }
10 | }
11 | 
12 | resource "aws_subnet" "main" {
13 |   vpc_id                  = aws_vpc.main.id
14 |   cidr_block              = "10.0.1.0/24"
15 |   map_public_ip_on_launch = true
16 |   availability_zone       = "us-east-1a"
17 | 
18 |   tags = {
19 |     Name = "dev-public"
20 |   }
21 | }
22 | 
23 | resource "aws_internet_gateway" "gw" {
24 |   vpc_id = aws_vpc.main.id
25 | 
26 |   tags = {
27 |     Name = "main"
28 |   }
29 | }
30 | 
31 | resource "aws_route_table" "rt" {
32 |   vpc_id = aws_vpc.main.id
33 | 
34 |   tags = {
35 |     Name = "dev-public-rt"
36 |   }
37 | }
38 | 
39 | resource "aws_route" "r" {
40 |   route_table_id         = aws_route_table.rt.id
41 |   destination_cidr_block = "0.0.0.0/0"
42 |   gateway_id             = aws_internet_gateway.gw.id
43 |   depends_on             = [aws_route_table.rt]
44 | }
45 | 
46 | resource "aws_route_table_association" "rt-association" {
47 |   subnet_id      = aws_subnet.main.id
48 |   route_table_id = aws_route_table.rt.id
49 | }
50 | 
51 | locals {
52 |   ports_in = [
53 |     443,
54 |     80,
55 |     22
56 |   ]
57 |   ports_out = [
58 |     0
59 |   ]
60 | }
61 | 
62 | resource "aws_security_group" "allow_sgs" {
63 |   name        = "dev_sg"
64 |   description = "Allow inbound traffic"
65 |   vpc_id      = aws_vpc.main.id
66 | 
67 |   dynamic "ingress" {
68 |     for_each = toset(local.ports_in)
69 |     content {
70 |       description      = "HTTPS from VPC"
71 |       from_port        = ingress.value
72 |       to_port          = ingress.value
73 |       protocol         = "tcp"
74 |       cidr_blocks      = ["0.0.0.0/0"]
75 |     }
76 |   }
77 | 
78 |   dynamic "egress" {
79 |     for_each = toset(local.ports_out)
80 |     content {
81 |       from_port        = egress.value
82 |       to_port          = egress.value
83 |       protocol         = "-1"
84 |       cidr_blocks      = ["0.0.0.0/0"]
85 |     }
86 |   }
87 | 
88 |   tags = {
89 |     Name = "allow_sgs"
90 |   }
91 | }
92 | 
93 | resource "aws_key_pair" "auth" {
94 |   key_name   = "mykey"
95 |   public_key = file("mykey.pub")
96 | }
97 | 


--------------------------------------------------------------------------------
/1. aws_tf_vpc_basics/outputs.tf:
--------------------------------------------------------------------------------
1 | output "dev_id" {
2 |   value = aws_instance.MyEc2Instance.public_ip
3 | }


--------------------------------------------------------------------------------
/1. aws_tf_vpc_basics/providers.tf:
--------------------------------------------------------------------------------
 1 | # this provides configuration to aws
 2 | terraform {
 3 |   required_providers {
 4 |     aws = {
 5 |       source = "hashicorp/aws"
 6 |     }
 7 |   }
 8 | }
 9 | 
10 | # provides the information to access aws specifically
11 | provider "aws" {
12 |   shared_credentials_files = ["~/.aws/credentials"]
13 |   profile                  = "default"
14 | }
15 | 


--------------------------------------------------------------------------------
/1. aws_tf_vpc_basics/userdata.tpl:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | sudo su
3 | apt update
4 | apt install -y apache2
5 | echo "Hello from AWS Cloud Demos!!!" > /var/www/html/index.html


--------------------------------------------------------------------------------
/2. aws_tf_rds_secrets_manager/kms_key.tf:
--------------------------------------------------------------------------------
 1 | # KMS key used by Secrets Manager for RDS
 2 | resource "aws_kms_key" "default" {
 3 |   description             = "KMS key for RDS"
 4 |   deletion_window_in_days = 7
 5 |   is_enabled              = true
 6 |   enable_key_rotation     = true
 7 | 
 8 |   tags = {
 9 |     Name = var.default_tag
10 |   }
11 | }


--------------------------------------------------------------------------------
/2. aws_tf_rds_secrets_manager/main.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   required_providers {
 3 |     aws = {
 4 |       source  = "hashicorp/aws"
 5 |       version = "5.9.0"
 6 |     }
 7 |   }
 8 |   backend "s3" {
 9 |     bucket = "my-rds-secrets-bucket"
10 |     key    = "rds_tf_state/terraform.tfstate"
11 |     region = "us-east-1"
12 |   }
13 | }
14 | 
15 | provider "aws" {
16 |   region = "us-east-1"
17 | }


--------------------------------------------------------------------------------
/2. aws_tf_rds_secrets_manager/rds.tf:
--------------------------------------------------------------------------------
 1 | data "aws_secretsmanager_secret" "example" {
 2 |   name = "rds_admin6"
 3 |   depends_on = [
 4 |     aws_secretsmanager_secret.example
 5 |   ]
 6 | }
 7 | 
 8 | data "aws_secretsmanager_secret_version" "secret" {
 9 |   secret_id = data.aws_secretsmanager_secret.example.id
10 | }
11 | 
12 | resource "aws_db_instance" "default" {
13 |   identifier              = "my-database"
14 |   allocated_storage       = var.allocated_storage
15 |   storage_type            = "gp2"
16 |   engine                  = var.engine
17 |   engine_version          = var.engine_version
18 |   instance_class          = var.instance_class
19 |   username                = "Admin"
20 |   password                = data.aws_secretsmanager_secret_version.secret.secret_string
21 |   parameter_group_name    = "default.mariadb10.4"
22 |   skip_final_snapshot     = true
23 |   publicly_accessible     = true
24 |   multi_az                = false
25 |   storage_encrypted       = true
26 |   backup_retention_period = 7
27 | 
28 |   tags = {
29 |     Name = var.default_tag
30 |   }
31 | }


--------------------------------------------------------------------------------
/2. aws_tf_rds_secrets_manager/secrets_manager.tf:
--------------------------------------------------------------------------------
 1 | resource "random_password" "password" {
 2 |   length           = 16
 3 |   special          = true
 4 |   override_special = "_!%^"
 5 | }
 6 | 
 7 | resource "aws_secretsmanager_secret" "example" {
 8 |   kms_key_id              = aws_kms_key.default.key_id
 9 |   name                    = "rds_admin6"
10 |   description             = "RDS Admin password"
11 |   recovery_window_in_days = 14
12 | 
13 |   tags = {
14 |     Name = var.default_tag
15 |   }
16 | }
17 | 
18 | resource "aws_secretsmanager_secret_version" "secret" {
19 |   secret_id     = aws_secretsmanager_secret.example.id
20 |   secret_string = random_password.password.result
21 | }


--------------------------------------------------------------------------------
/2. aws_tf_rds_secrets_manager/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "allocated_storage" {
 2 |   description = "The amount of storage to allocate"
 3 |   type        = number
 4 |   default     = 20
 5 |   sensitive   = true
 6 | }
 7 | 
 8 | variable "engine" {
 9 |   description = "The database engine to use"
10 |   type        = string
11 |   default     = "mariadb"
12 | }
13 | 
14 | variable "engine_version" {
15 |   description = "The engine version to use"
16 |   type        = string
17 |   default     = "10.4.25"
18 | }
19 | 
20 | variable "instance_class" {
21 |   description = "The instance class to use"
22 |   type        = string
23 |   default     = "db.t4g.small"
24 | }
25 | 
26 | variable "default_tag" {
27 |   type        = string
28 |   description = "A default tag to add to everything"
29 |   default     = "terraform_aws_rds_secrets_manager"
30 | }


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/cloudinit.tf:
--------------------------------------------------------------------------------
 1 | # Define a cloud-init configuration data source named "cloudinit-example"
 2 | data "cloudinit_config" "cloudinit-example" {
 3 |   # Specify options for cloud-init
 4 |   gzip          = false
 5 |   base64_encode = false
 6 | 
 7 |   # Define the first part of the cloud-init configuration
 8 |   part {
 9 |     filename     = "init.cfg"
10 |     content_type = "text/cloud-config"
11 |     # Use a template file to generate content, passing the AWS region as a variable
12 |     content      = templatefile("scripts/init.cfg", {
13 |       REGION = var.AWS_REGION
14 |     })
15 |   }
16 | 
17 |   # Define the second part of the cloud-init configuration
18 |   part {
19 |     content_type = "text/x-shellscript"
20 |     # Use a template file to generate content, passing the instance device name as a variable
21 |     content      = templatefile("scripts/volumes.sh", {
22 |       DEVICE = var.INSTANCE_DEVICE_NAME
23 |     })
24 |   }
25 | }
26 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/instance.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_instance" "example" {
 2 |   ami           = var.AMIS[var.AWS_REGION]
 3 |   instance_type = "t2.micro"
 4 | 
 5 |   # the VPC subnet
 6 |   subnet_id = aws_subnet.main-public-1.id
 7 | 
 8 |   # the security group
 9 |   vpc_security_group_ids = [aws_security_group.allow-ssh.id]
10 | 
11 |   # the public SSH key
12 |   key_name = aws_key_pair.mykeypair.key_name
13 | 
14 |   # user data
15 |   user_data = data.cloudinit_config.cloudinit-example.rendered
16 | }
17 | 
18 | resource "aws_ebs_volume" "ebs-volume-1" {
19 |   availability_zone = "us-east-1a"
20 |   size              = 20
21 |   type              = "gp2"
22 |   tags = {
23 |     Name = "extra volume data"
24 |   }
25 | }
26 | 
27 | resource "aws_volume_attachment" "ebs-volume-1-attachment" {
28 |   device_name  = var.INSTANCE_DEVICE_NAME
29 |   volume_id    = aws_ebs_volume.ebs-volume-1.id
30 |   instance_id  = aws_instance.example.id
31 |   skip_destroy = true                            # skip destroy to avoid issues with terraform destroy
32 | }
33 | 
34 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/key.tf:
--------------------------------------------------------------------------------
1 | resource "aws_key_pair" "mykeypair" {
2 |   key_name   = "mykeypair"
3 |   public_key = file(var.PATH_TO_PUBLIC_KEY)
4 | }
5 | 
6 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/provider.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   required_providers {
 3 |     aws = {
 4 |       source  = "hashicorp/aws"
 5 |     }
 6 |   }
 7 |   backend "s3" {
 8 |     bucket = "my-rds-secrets-bucket"
 9 |     key    = "rds_tf_state/terraform.tfstate"
10 |     region = "us-east-1"
11 |   }
12 | }
13 | 
14 | provider "aws" {
15 |   region = var.AWS_REGION
16 | }


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/scripts/init.cfg:
--------------------------------------------------------------------------------
 1 | #cloud-config
 2 | 
 3 | # Update package repositories during initialization
 4 | repo_update: true
 5 | 
 6 | # Upgrade all packages to their latest versions
 7 | repo_upgrade: all
 8 | 
 9 | # Install the Logical Volume Manager (LVM2) package
10 | packages:
11 |   - lvm2
12 | 
13 | # Redirect all output to both console and append to /var/log/cloud-init-output.log
14 | output:
15 |   all: '| tee -a /var/log/cloud-init-output.log'
16 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/scripts/volumes.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # Enable debugging and exit on error
 4 | set -ex 
 5 | 
 6 | # Activate volume groups
 7 | vgchange -ay
 8 | 
 9 | # Check the file system type of the specified device
10 | DEVICE_FS=`blkid -o value -s TYPE ${DEVICE} || echo ""`
11 | if [ "`echo -n $DEVICE_FS`" == "" ] ; then 
12 |   # Wait for the device to be attached and format it if not formatted
13 |   DEVICENAME=`echo "${DEVICE}" | awk -F '/' '{print $3}'`
14 |   DEVICEEXISTS=''
15 | 
16 |   # Loop to verify device attachment
17 |   while [[ -z $DEVICEEXISTS ]]; do
18 |     echo "verify $DEVICENAME"
19 |     DEVICEEXISTS=`lsblk |grep "$DEVICENAME" |wc -l`
20 |     if [[ $DEVICEEXISTS != "1" ]]; then
21 |       sleep 15
22 |     fi
23 |   done
24 | 
25 |   # Ensure the device file in /dev/ exists within a time limit
26 |   count=0
27 |   until [[ -e ${DEVICE} || "$count" == "60" ]]; do
28 |     sleep 5
29 |     count=$(expr $count + 1)
30 |   done
31 | 
32 |   # Initialize physical volume, create volume group, and logical volume
33 |   pvcreate ${DEVICE}
34 |   vgcreate data ${DEVICE}
35 |   lvcreate --name volume1 -l 100%FREE data
36 | 
37 |   # Create a file system on the volume
38 |   mkfs.ext4 /dev/data/volume1
39 | fi
40 | 
41 | # Create directory /data if it doesn't exist
42 | mkdir -p /data
43 | 
44 | # Add entry to /etc/fstab for mounting at boot
45 | echo '/dev/data/volume1 /data ext4 defaults 0 0' >> /etc/fstab
46 | 
47 | # Mount /data
48 | mount /data
49 | 
50 | # Install Docker
51 | curl https://get.docker.com | bash
52 | 
53 | # End of script
54 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/securitygroup.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_security_group" "allow-ssh" {
 2 |   vpc_id      = aws_vpc.main.id
 3 |   name        = "allow-ssh"
 4 |   description = "security group that allows ssh and all egress traffic"
 5 |   egress {
 6 |     from_port   = 0
 7 |     to_port     = 0
 8 |     protocol    = "-1"
 9 |     cidr_blocks = ["0.0.0.0/0"]
10 |   }
11 | 
12 |   ingress {
13 |     from_port   = 22
14 |     to_port     = 22
15 |     protocol    = "tcp"
16 |     cidr_blocks = ["0.0.0.0/0"]
17 |   }
18 |   tags = {
19 |     Name = "allow-ssh"
20 |   }
21 | }
22 | 
23 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/vars.tf:
--------------------------------------------------------------------------------
 1 | variable "AWS_REGION" {
 2 |   default = "us-east-1"
 3 | }
 4 | 
 5 | variable "PATH_TO_PRIVATE_KEY" {
 6 |   default = "mykey"
 7 | }
 8 | 
 9 | variable "PATH_TO_PUBLIC_KEY" {
10 |   default = "mykey.pub"
11 | }
12 | 
13 | variable "AMIS" {
14 |   type = map(string)
15 |   default = {
16 |     us-east-1 = "ami-0b0ea68c435eb488d"
17 |   }
18 | }
19 | 
20 | variable "INSTANCE_DEVICE_NAME" {
21 |   default = "/dev/xvdh"
22 | }
23 | 
24 | 


--------------------------------------------------------------------------------
/3. aws_tf_ec2_ebs_userdata/vpc.tf:
--------------------------------------------------------------------------------
  1 | # Internet VPC
  2 | resource "aws_vpc" "main" {
  3 |   cidr_block           = "10.0.0.0/16"
  4 |   instance_tenancy     = "default"
  5 |   enable_dns_support   = "true"
  6 |   enable_dns_hostnames = "true"
  7 |   tags = {
  8 |     Name = "main"
  9 |   }
 10 | }
 11 | 
 12 | # Subnets
 13 | resource "aws_subnet" "main-public-1" {
 14 |   vpc_id                  = aws_vpc.main.id
 15 |   cidr_block              = "10.0.1.0/24"
 16 |   map_public_ip_on_launch = "true"
 17 |   availability_zone       = "us-east-1a"
 18 | 
 19 |   tags = {
 20 |     Name = "main-public-1"
 21 |   }
 22 | }
 23 | 
 24 | resource "aws_subnet" "main-public-2" {
 25 |   vpc_id                  = aws_vpc.main.id
 26 |   cidr_block              = "10.0.2.0/24"
 27 |   map_public_ip_on_launch = "true"
 28 |   availability_zone       = "us-east-1b"
 29 | 
 30 |   tags = {
 31 |     Name = "main-public-2"
 32 |   }
 33 | }
 34 | 
 35 | resource "aws_subnet" "main-public-3" {
 36 |   vpc_id                  = aws_vpc.main.id
 37 |   cidr_block              = "10.0.3.0/24"
 38 |   map_public_ip_on_launch = "true"
 39 |   availability_zone       = "us-east-1c"
 40 | 
 41 |   tags = {
 42 |     Name = "main-public-3"
 43 |   }
 44 | }
 45 | 
 46 | resource "aws_subnet" "main-private-1" {
 47 |   vpc_id                  = aws_vpc.main.id
 48 |   cidr_block              = "10.0.4.0/24"
 49 |   map_public_ip_on_launch = "false"
 50 |   availability_zone       = "us-east-1a"
 51 | 
 52 |   tags = {
 53 |     Name = "main-private-1"
 54 |   }
 55 | }
 56 | 
 57 | resource "aws_subnet" "main-private-2" {
 58 |   vpc_id                  = aws_vpc.main.id
 59 |   cidr_block              = "10.0.5.0/24"
 60 |   map_public_ip_on_launch = "false"
 61 |   availability_zone       = "us-east-1b"
 62 | 
 63 |   tags = {
 64 |     Name = "main-private-2"
 65 |   }
 66 | }
 67 | 
 68 | resource "aws_subnet" "main-private-3" {
 69 |   vpc_id                  = aws_vpc.main.id
 70 |   cidr_block              = "10.0.6.0/24"
 71 |   map_public_ip_on_launch = "false"
 72 |   availability_zone       = "us-east-1c"
 73 | 
 74 |   tags = {
 75 |     Name = "main-private-3"
 76 |   }
 77 | }
 78 | 
 79 | # Internet GW
 80 | resource "aws_internet_gateway" "main-gw" {
 81 |   vpc_id = aws_vpc.main.id
 82 | 
 83 |   tags = {
 84 |     Name = "main"
 85 |   }
 86 | }
 87 | 
 88 | # route tables
 89 | resource "aws_route_table" "main-public" {
 90 |   vpc_id = aws_vpc.main.id
 91 |   route {
 92 |     cidr_block = "0.0.0.0/0"
 93 |     gateway_id = aws_internet_gateway.main-gw.id
 94 |   }
 95 | 
 96 |   tags = {
 97 |     Name = "main-public-1"
 98 |   }
 99 | }
100 | 
101 | # route associations public
102 | resource "aws_route_table_association" "main-public-1-a" {
103 |   subnet_id      = aws_subnet.main-public-1.id
104 |   route_table_id = aws_route_table.main-public.id
105 | }
106 | 
107 | resource "aws_route_table_association" "main-public-2-a" {
108 |   subnet_id      = aws_subnet.main-public-2.id
109 |   route_table_id = aws_route_table.main-public.id
110 | }
111 | 
112 | resource "aws_route_table_association" "main-public-3-a" {
113 |   subnet_id      = aws_subnet.main-public-3.id
114 |   route_table_id = aws_route_table.main-public.id
115 | }
116 | 
117 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/iam.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_iam_role" "s3-mybucket-role" {
 2 |   name               = "s3-mybucket-role"
 3 |   assume_role_policy = <<EOF
 4 | {
 5 |   "Version": "2012-10-17",
 6 |   "Statement": [
 7 |     {
 8 |       "Action": "sts:AssumeRole",
 9 |       "Principal": {
10 |         "Service": "ec2.amazonaws.com"
11 |       },
12 |       "Effect": "Allow",
13 |       "Sid": ""
14 |     }
15 |   ]
16 | }
17 | EOF
18 | 
19 | }
20 | 
21 | resource "aws_iam_instance_profile" "s3-mybucket-role-instanceprofile" {
22 |   name = "s3-mybucket-role"
23 |   role = aws_iam_role.s3-mybucket-role.name
24 | }
25 | 
26 | resource "aws_iam_role_policy" "s3-mybucket-role-policy" {
27 |   name = "s3-mybucket-role-policy"
28 |   role = aws_iam_role.s3-mybucket-role.id
29 |   policy = <<EOF
30 | {
31 |     "Version": "2012-10-17",
32 |     "Statement": [
33 |         {
34 |             "Effect": "Allow",
35 |             "Action": [
36 |               "s3:ListBucket"
37 |             ],
38 |             "Resource": [
39 |               "arn:aws:s3:::mybucket-c29df12344"
40 |             ]
41 |         },
42 |         {
43 |             "Effect": "Allow",
44 |             "Action": [
45 |               "s3:GetObject"
46 |             ],
47 |             "Resource": [
48 |               "arn:aws:s3:::mybucket-c29df12344/*"
49 |             ]
50 |         }
51 |     ]
52 | }
53 | EOF
54 | }
55 | 
56 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/instance.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_instance" "example" {
 2 |   ami           = var.AMIS[var.AWS_REGION]
 3 |   instance_type = "t2.micro"
 4 | 
 5 |   # the VPC subnet
 6 |   subnet_id = aws_subnet.main-public-1.id
 7 | 
 8 |   # the security group
 9 |   vpc_security_group_ids = [aws_security_group.example-instance.id]
10 | 
11 |   # the public SSH key
12 |   key_name = aws_key_pair.mykeypair.key_name
13 | 
14 |   # role:
15 |   iam_instance_profile = aws_iam_instance_profile.s3-mybucket-role-instanceprofile.name
16 | }
17 | 
18 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/key.tf:
--------------------------------------------------------------------------------
1 | resource "aws_key_pair" "mykeypair" {
2 |   key_name   = "mykeypair"
3 |   public_key = file(var.PATH_TO_PUBLIC_KEY)
4 | }
5 | 
6 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/output.tf:
--------------------------------------------------------------------------------
1 | output "instance" {
2 |   value = aws_instance.example.public_ip
3 | }
4 | 
5 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.AWS_REGION
3 | }
4 | 
5 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/s3.tf:
--------------------------------------------------------------------------------
1 | resource "aws_s3_bucket" "b" {
2 |   bucket = "mybucket-c29df12344"
3 | 
4 |   tags = {
5 |     Name = "mybucket-c29df12344"
6 |   }
7 | }
8 | 
9 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/securitygroup.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_security_group" "example-instance" {
 2 |   vpc_id      = aws_vpc.main.id
 3 |   name        = "allow-ssh"
 4 |   description = "security group that allows ssh and all egress traffic"
 5 |   egress {
 6 |     from_port   = 0
 7 |     to_port     = 0
 8 |     protocol    = "-1"
 9 |     cidr_blocks = ["0.0.0.0/0"]
10 |   }
11 | 
12 |   ingress {
13 |     from_port   = 22
14 |     to_port     = 22
15 |     protocol    = "tcp"
16 |     cidr_blocks = ["0.0.0.0/0"]
17 |   }
18 |   tags = {
19 |     Name = "example-instance"
20 |   }
21 | }
22 | 
23 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/vars.tf:
--------------------------------------------------------------------------------
 1 | variable "AWS_REGION" {
 2 |   default = "us-east-1"
 3 | }
 4 | 
 5 | variable "PATH_TO_PRIVATE_KEY" {
 6 |   default = "mykey"
 7 | }
 8 | 
 9 | variable "PATH_TO_PUBLIC_KEY" {
10 |   default = "mykey.pub"
11 | }
12 | 
13 | variable "AMIS" {
14 |   type = map(string)
15 |   default = {
16 |     us-east-1 = "ami-0b0ea68c435eb488d"
17 |   }
18 | }
19 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/versions.tf:
--------------------------------------------------------------------------------
1 | 
2 | terraform {
3 |   required_version = ">= 0.12"
4 | }
5 | 


--------------------------------------------------------------------------------
/4. aws_tf_ec2_s3/vpc.tf:
--------------------------------------------------------------------------------
  1 | # Internet VPC
  2 | resource "aws_vpc" "main" {
  3 |   cidr_block           = "10.0.0.0/16"
  4 |   instance_tenancy     = "default"
  5 |   enable_dns_support   = "true"
  6 |   enable_dns_hostnames = "true"
  7 |   tags = {
  8 |     Name = "main"
  9 |   }
 10 | }
 11 | 
 12 | # Subnets
 13 | resource "aws_subnet" "main-public-1" {
 14 |   vpc_id                  = aws_vpc.main.id
 15 |   cidr_block              = "10.0.1.0/24"
 16 |   map_public_ip_on_launch = "true"
 17 |   availability_zone       = "us-east-1a"
 18 | 
 19 |   tags = {
 20 |     Name = "main-public-1"
 21 |   }
 22 | }
 23 | 
 24 | resource "aws_subnet" "main-public-2" {
 25 |   vpc_id                  = aws_vpc.main.id
 26 |   cidr_block              = "10.0.2.0/24"
 27 |   map_public_ip_on_launch = "true"
 28 |   availability_zone       = "us-east-1b"
 29 | 
 30 |   tags = {
 31 |     Name = "main-public-2"
 32 |   }
 33 | }
 34 | 
 35 | resource "aws_subnet" "main-public-3" {
 36 |   vpc_id                  = aws_vpc.main.id
 37 |   cidr_block              = "10.0.3.0/24"
 38 |   map_public_ip_on_launch = "true"
 39 |   availability_zone       = "us-east-1c"
 40 | 
 41 |   tags = {
 42 |     Name = "main-public-3"
 43 |   }
 44 | }
 45 | 
 46 | resource "aws_subnet" "main-private-1" {
 47 |   vpc_id                  = aws_vpc.main.id
 48 |   cidr_block              = "10.0.4.0/24"
 49 |   map_public_ip_on_launch = "false"
 50 |   availability_zone       = "us-east-1a"
 51 | 
 52 |   tags = {
 53 |     Name = "main-private-1"
 54 |   }
 55 | }
 56 | 
 57 | resource "aws_subnet" "main-private-2" {
 58 |   vpc_id                  = aws_vpc.main.id
 59 |   cidr_block              = "10.0.5.0/24"
 60 |   map_public_ip_on_launch = "false"
 61 |   availability_zone       = "us-east-1b"
 62 | 
 63 |   tags = {
 64 |     Name = "main-private-2"
 65 |   }
 66 | }
 67 | 
 68 | resource "aws_subnet" "main-private-3" {
 69 |   vpc_id                  = aws_vpc.main.id
 70 |   cidr_block              = "10.0.6.0/24"
 71 |   map_public_ip_on_launch = "false"
 72 |   availability_zone       = "us-east-1c"
 73 | 
 74 |   tags = {
 75 |     Name = "main-private-3"
 76 |   }
 77 | }
 78 | 
 79 | # Internet GW
 80 | resource "aws_internet_gateway" "main-gw" {
 81 |   vpc_id = aws_vpc.main.id
 82 | 
 83 |   tags = {
 84 |     Name = "main"
 85 |   }
 86 | }
 87 | 
 88 | # route tables
 89 | resource "aws_route_table" "main-public" {
 90 |   vpc_id = aws_vpc.main.id
 91 |   route {
 92 |     cidr_block = "0.0.0.0/0"
 93 |     gateway_id = aws_internet_gateway.main-gw.id
 94 |   }
 95 | 
 96 |   tags = {
 97 |     Name = "main-public-1"
 98 |   }
 99 | }
100 | 
101 | # route associations public
102 | resource "aws_route_table_association" "main-public-1-a" {
103 |   subnet_id      = aws_subnet.main-public-1.id
104 |   route_table_id = aws_route_table.main-public.id
105 | }
106 | 
107 | resource "aws_route_table_association" "main-public-2-a" {
108 |   subnet_id      = aws_subnet.main-public-2.id
109 |   route_table_id = aws_route_table.main-public.id
110 | }
111 | 
112 | resource "aws_route_table_association" "main-public-3-a" {
113 |   subnet_id      = aws_subnet.main-public-3.id
114 |   route_table_id = aws_route_table.main-public.id
115 | }
116 | 
117 | 


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/Load-Balancer.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_lb" "LB" {
 2 |   name               = "LB"
 3 |   internal           = false
 4 |   load_balancer_type = "application"
 5 |   security_groups    = [aws_security_group.SG.id]
 6 |   subnets            = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]
 7 | 
 8 |   tags = {
 9 |     Name = "LB"
10 |   }
11 | }
12 | 
13 | resource "aws_alb_listener" "Listener" {
14 |   load_balancer_arn = aws_lb.LB.id
15 |   port              = "80"
16 |   protocol          = "HTTP"
17 | 
18 |   default_action {
19 |     target_group_arn = aws_lb_target_group.TG.id
20 |     type             = "forward"
21 |   }
22 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/Security-Group.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_security_group" "SG" {
 2 |   name        = "SG"
 3 |   description = "Allow Port 80"
 4 |   vpc_id      = aws_vpc.vpc.id
 5 | 
 6 |   ingress {
 7 |     from_port   = 80
 8 |     to_port     = 80
 9 |     protocol    = "tcp"
10 |     cidr_blocks = ["0.0.0.0/0"]
11 |   }
12 | 
13 |   egress {
14 |     from_port   = 0
15 |     to_port     = 0
16 |     protocol    = "-1"
17 |     cidr_blocks = ["0.0.0.0/0"]
18 |   }
19 | 
20 |   tags = {
21 |     Name = "SG"
22 |   }
23 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/Target-Group.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_lb_target_group" "TG" {
 2 |   name        = "TG"
 3 |   port        = "80"
 4 |   protocol    = "HTTP"
 5 |   target_type = "ip"
 6 |   vpc_id      = aws_vpc.vpc.id
 7 | 
 8 |   tags = {
 9 |     Name = "TG"
10 |   }
11 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/backend.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   backend "s3" {
 3 |     bucket  = "my-terraform-state-bobby"
 4 |     region  = "us-east-1"
 5 |     key     = "ecs-fargate/terraform.tfstate"
 6 |     encrypt = true
 7 |   }
 8 |   required_version = ">=0.13.0"
 9 |   required_providers {
10 |     aws = {
11 |       version = ">= 2.7.0"
12 |       source  = "hashicorp/aws"
13 |     }
14 |   }
15 | }
16 | 


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/ecs-cluster.tf:
--------------------------------------------------------------------------------
1 | resource "aws_ecs_cluster" "ECS" {
2 |   name = "my-cluster"
3 | 
4 |   tags = {
5 |     Name = "my-new-cluster"
6 |   }
7 | }   


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/ecs-service.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_ecs_service" "ECS-Service" {
 2 |   name                               = "my-service"
 3 |   launch_type                        = "FARGATE"
 4 |   platform_version                   = "LATEST"
 5 |   cluster                            = aws_ecs_cluster.ECS.id
 6 |   task_definition                    = aws_ecs_task_definition.TD.arn
 7 |   scheduling_strategy                = "REPLICA"
 8 |   desired_count                      = 2
 9 |   deployment_minimum_healthy_percent = 100
10 |   deployment_maximum_percent         = 200
11 |   depends_on                         = [aws_alb_listener.Listener, aws_iam_role.iam-role]
12 | 
13 | 
14 |   load_balancer {
15 |     target_group_arn = aws_lb_target_group.TG.arn
16 |     container_name   = "container"
17 |     container_port   = 80
18 |   }
19 | 
20 | 
21 |   network_configuration {
22 |     assign_public_ip = true
23 |     security_groups  = [aws_security_group.SG.id]
24 |     subnets          = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]
25 |   }
26 | }
27 | 


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/ecs-taskdefiniton.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_ecs_task_definition" "TD" {
 2 |   family                   = "nginx"
 3 |   requires_compatibilities = ["FARGATE"]
 4 |   execution_role_arn       = aws_iam_role.iam-role.arn
 5 |   network_mode             = "awsvpc"
 6 |   cpu                      = 1024
 7 |   memory                   = 2048
 8 |   container_definitions = jsonencode([
 9 |     {
10 |       name      = "main-container"
11 |       image     = "gomurali/exp-app-1:2"
12 |       cpu       = 1024
13 |       memory    = 2048
14 |       essential = true
15 |       portMappings = [
16 |         {
17 |           containerPort = 80
18 |           hostPort      = 80
19 |         }
20 |       ]
21 |     }
22 |   ])
23 | }
24 | 
25 | 
26 | data "aws_ecs_task_definition" "TD" {
27 |   task_definition = aws_ecs_task_definition.TD.family
28 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/iam-policy.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "Version": "2012-10-17",
 3 |     "Statement": [
 4 |         {
 5 |             "Effect": "Allow",
 6 |             "Action": [
 7 |                 "ecr:GetAuthorizationToken",
 8 |                 "ecr:BatchCheckLayerAvailability",
 9 |                 "ecr:GetDownloadUrlForLayer",
10 |                 "ecr:BatchGetImage",
11 |                 "logs:CreateLogStream",
12 |                 "logs:PutLogEvents"
13 |             ],
14 |             "Resource": "*"
15 |         }
16 |     ]
17 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/iam-policy.tf:
--------------------------------------------------------------------------------
1 | resource "aws_iam_role_policy" "iam-policy" {
2 |   name   = "ECS-execution-role-policy"
3 |   role   = aws_iam_role.iam-role.id
4 |   policy = file("${path.module}/iam-policy.json")
5 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/iam-role.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "Version": "2008-10-17",
 3 |     "Statement": [
 4 |         {
 5 |             "Sid": "",
 6 |             "Effect": "Allow",
 7 |             "Principal": {
 8 |                 "Service": "ecs-tasks.amazonaws.com"
 9 |             },
10 |             "Action": "sts:AssumeRole"
11 |         }
12 |     ]
13 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/iam-role.tf:
--------------------------------------------------------------------------------
1 | resource "aws_iam_role" "iam-role" {
2 |   name               = "ECS-execution-role"
3 |   assume_role_policy = file("${path.module}/iam-role.json")
4 | }
5 | 


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/output.tf:
--------------------------------------------------------------------------------
1 | output "lb_dns_name" {
2 |   value = aws_lb.LB.dns_name
3 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"
3 | }


--------------------------------------------------------------------------------
/5. aws_tf_ecs_fargate/vpc.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_vpc" "vpc" {
 2 |   cidr_block = "10.0.0.0/16"
 3 | 
 4 |   tags = {
 5 |     Name = "VPC"
 6 |   }
 7 | }
 8 | 
 9 | resource "aws_subnet" "subnet1" {
10 |   vpc_id                  = aws_vpc.vpc.id
11 |   cidr_block              = "10.0.1.0/24"
12 |   map_public_ip_on_launch = true
13 |   availability_zone       = "us-east-1a"
14 | 
15 |   tags = {
16 |     Name = "Subnet1"
17 |   }
18 | }
19 | 
20 | 
21 | resource "aws_subnet" "subnet2" {
22 |   vpc_id                  = aws_vpc.vpc.id
23 |   cidr_block              = "10.0.2.0/24"
24 |   map_public_ip_on_launch = true
25 |   availability_zone       = "us-east-1b"
26 | 
27 |   tags = {
28 |     Name = "Subnet2"
29 |   }
30 | }
31 | 
32 | resource "aws_internet_gateway" "IG" {
33 |   vpc_id = aws_vpc.vpc.id
34 | 
35 |   tags = {
36 |     Name = "Internet-Gateway"
37 |   }
38 | }
39 | 
40 | 
41 | resource "aws_route_table" "RT" {
42 |   vpc_id = aws_vpc.vpc.id
43 |   route {
44 |     cidr_block = "0.0.0.0/0"
45 |     gateway_id = aws_internet_gateway.IG.id
46 |   }
47 | }
48 | 
49 | 
50 | resource "aws_route_table_association" "RTA1" {
51 |   subnet_id      = aws_subnet.subnet1.id
52 |   route_table_id = aws_route_table.RT.id
53 | }
54 | 
55 | 
56 | resource "aws_route_table_association" "RTA2" {
57 |   subnet_id      = aws_subnet.subnet2.id
58 |   route_table_id = aws_route_table.RT.id
59 | }
60 | 
61 | 


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/API-GW.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_api_gateway_rest_api" "API" {
 2 |   name        = "lambda-api"
 3 |   description = "lambda-api"
 4 |   endpoint_configuration {
 5 |     types = ["REGIONAL"]
 6 |   }
 7 | }
 8 | 
 9 | resource "aws_api_gateway_resource" "Resource" {
10 |   rest_api_id = aws_api_gateway_rest_api.API.id
11 |   parent_id   = aws_api_gateway_rest_api.API.root_resource_id
12 |   path_part   = "verify-json"
13 | }
14 | 
15 | resource "aws_api_gateway_method" "Method" {
16 |   rest_api_id   = aws_api_gateway_rest_api.API.id
17 |   resource_id   = aws_api_gateway_resource.Resource.id
18 |   http_method   = "POST"
19 |   authorization = "NONE"
20 | }
21 | 
22 | resource "aws_api_gateway_integration" "Integration" {
23 |   rest_api_id             = aws_api_gateway_rest_api.API.id
24 |   resource_id             = aws_api_gateway_resource.Resource.id
25 |   http_method             = aws_api_gateway_method.Method.http_method
26 |   integration_http_method = "POST"
27 |   type                    = "AWS_PROXY"
28 |   uri                     = aws_lambda_function.lambda-function.invoke_arn
29 | }
30 | 
31 | 
32 | resource "aws_lambda_permission" "apigw-lambda" {
33 |   statement_id  = "AllowExecutionFromAPIGateway"
34 |   action        = "lambda:InvokeFunction"
35 |   function_name = aws_lambda_function.lambda-function.function_name
36 |   principal     = "apigateway.amazonaws.com"
37 |   source_arn    = "arn:aws:execute-api:${var.AWS_REGION}:${var.AWS_ACCOUNT_ID}:${aws_api_gateway_rest_api.API.id}/*/${aws_api_gateway_method.Method.http_method}${aws_api_gateway_resource.Resource.path}"
38 | }
39 | 
40 | 
41 | 
42 | resource "aws_api_gateway_method_response" "response_200" {
43 |   rest_api_id = aws_api_gateway_rest_api.API.id
44 |   resource_id = aws_api_gateway_resource.Resource.id
45 |   http_method = aws_api_gateway_method.Method.http_method
46 |   status_code = "200"
47 | }
48 | 
49 | resource "aws_api_gateway_integration_response" "Integration-Response" {
50 |   rest_api_id = aws_api_gateway_rest_api.API.id
51 |   resource_id = aws_api_gateway_resource.Resource.id
52 |   http_method = aws_api_gateway_method.Method.http_method
53 |   status_code = aws_api_gateway_method_response.response_200.status_code
54 | 
55 |   depends_on = [
56 |     aws_api_gateway_integration.Integration
57 |   ]
58 | 
59 |   response_templates = {
60 |     "application/xml" = <<EOF
61 | #set($inputRoot = $input.path('$'))
62 | <?xml version="1.0" encoding="UTF-8"?>
63 | <message>
64 |     $inputRoot.body
65 | </message>
66 | EOF
67 |   }
68 | }
69 | 
70 | 
71 | resource "aws_api_gateway_deployment" "example" {
72 |   depends_on = [
73 |     aws_api_gateway_integration.Integration
74 |   ]
75 |   rest_api_id = aws_api_gateway_rest_api.API.id
76 |   stage_name  = "test"
77 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/iam-policy.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "Version": "2012-10-17",
 3 |   "Statement": [
 4 |     {
 5 |       "Effect": "Allow",
 6 |       "Action": [
 7 |         "logs:CreateLogGroup",
 8 |         "logs:CreateLogStream",
 9 |         "logs:PutLogEvents"
10 |       ],
11 |       "Resource": "*"
12 |     }
13 |   ]
14 | }
15 | 


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/iam-policy.tf:
--------------------------------------------------------------------------------
1 | resource "aws_iam_role_policy" "iam-policy" {
2 |   name   = "cloudwatch-policy"
3 |   role   = aws_iam_role.iam-role.id
4 |   policy = file("${path.module}/iam-policy.json")
5 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/iam-role.tf:
--------------------------------------------------------------------------------
 1 | data "aws_iam_policy_document" "assume_role" {
 2 |   statement {
 3 |     effect = "Allow"
 4 | 
 5 |     principals {
 6 |       type        = "Service"
 7 |       identifiers = ["lambda.amazonaws.com"]
 8 |     }
 9 | 
10 |     actions = ["sts:AssumeRole"]
11 |   }
12 | }
13 | 
14 | resource "aws_iam_role" "iam-role" {
15 |   name               = "iam-role-lambda-api-gateway"
16 |   assume_role_policy = data.aws_iam_policy_document.assume_role.json
17 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/lambda-function.tf:
--------------------------------------------------------------------------------
1 | resource "aws_lambda_function" "lambda-function" {
2 |   filename      = "${path.module}/code.zip"
3 |   function_name = "api-gw-lambda"
4 |   role          = aws_iam_role.iam-role.arn
5 |   handler       = "code.lambda_handler"
6 |   runtime       = "python3.9"
7 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/output.tf:
--------------------------------------------------------------------------------
1 | output "api-gateway-url" {
2 |   value = aws_api_gateway_deployment.example.invoke_url
3 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"
3 | }


--------------------------------------------------------------------------------
/6. aws_tf_api_gateway_lambda_integration/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "AWS_REGION" {
 2 |   default   = "us-east-1"
 3 |   type      = string
 4 |   sensitive = true
 5 | }
 6 | 
 7 | variable "AWS_ACCOUNT_ID" {
 8 |   default   = "Your aws account number"
 9 |   type      = string
10 |   sensitive = true
11 | }


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2023 Murali ⚡️
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # terraform-aws-snippets
 2 | 
 3 | You will find list of aws terraform infrastructure templates here in this repo.
 4 | 
 5 | - [1. vpc](./1.%20aws_tf_vpc_basics/)
 6 | - [2. rds with secrets manager](./2.%20aws_tf_rds_secrets_manager/)
 7 | - [3. ec2 with ebs attachment](./3.%20aws_tf_ec2_ebs_userdata/)
 8 | - [4. ec2 with s3 access](./4.%20aws_tf_ec2_s3/)
 9 | - [5. ECS with Fargate](./5.%20aws_tf_ecs_fargate/)
10 | - [6. API Gateway + Lambda Integration](./6.%20aws_tf_api_gateway_lambda_integration/)
11 | 
12 | ## Contents
13 | 
14 | ### 1. VPC
15 | 
16 | In this directory you will find terraform code to create AWS VPC and ec2 instances
17 | 
18 | ### 2. rds with secrets manager
19 | 
20 | In this directory you will find terraform code to create AWS RDS databases using secrets manager.
21 | 
22 | ### 3. ec2 with ebs attachment
23 | 
24 | In this directory you will find terraform code to create AWS ec2 with ebs attachment on ec2 start up.
25 | 
26 | ### 4. ec2 with s3 access
27 | 
28 | In this directory you will find terraform code to create AWS ec2 with s3 access using IAM instance profile
29 | 
30 | ### 5. ECS using Fargate
31 | 
32 | In this directory you will find terraform code to create ECS Cluster using Fargate launch type
33 | 
34 | ### 6. API Gateway + Lambda Integration
35 | 
36 | In this directory you will find terraform code to create Api gateway + lambda integration
37 | 


--------------------------------------------------------------------------------